Nightfall saves time by automating data detection, classification, and remediation. First, Nightfall installs in minutes, so you won’t need IT resources or time spent worrying about agents or software to install, patch, manage, and update. Second, classification is automatic and highly accurate, so you’ll eliminate time spent tagging data manually, and reduce time spent reviewing false positives and grappling with alert fatigue. Third, with Nightfall you can set up automatic workflows to take action on sensitive data proactively, which means you’ll reduce time spent manually responding to alerts and reduce mean time to resolution.

In the case of our Slack product, the Nightfall bot lives directly in the Slack workspace, which means administrators don’t have to context-switch between apps, and employees can receive descriptive notifications directly in Slack in real-time, rather than via email, meaning less time finding workarounds.

As a result, you’ll see measurable time savings and productivity improvements that give your team the leverage to focus on other security & compliance challenges.

Nightfall is the only cloud DLP solution that:

• Automatically scans 150+ types of PII, PHI, PCI, credentials, secrets, and more with machine-learning trained detectors.

• Offers customizable and configurable detection in our easy-to-use interface.

• Integrates in minutes.

• Has significant funding, operating history, and backing by leadership from Atlassian, Okta, and more; and executive leadership from Uber, Salesforce, Carta, Microsoft, Box, Slack.

• Supports major enterprise customers processing high volumes of data at scale.

• Is supported fully in-house, so data is not processed or inspected by a third-party service.

• Complies with regimes like HIPAA and CCPA and requisite policies/controls.

• Integrates deeply with cloud applications including Confluence, Jira, Slack, GitHub, Google Drive, and more.

• Offers a robust API for content inspection in any data silo.

• Provides a dedicated customer success manager, solutions architect, help center, and support.

For pre-built Nightfall Detectors, Nightfall supports different languages for certain detection algorithms. For sensitive data types that are numeric/alphanumeric - such as card numbers, passport numbers, drivers licenses, etc. - Nightfall trains these detectors with context that corresponds to the language in that geographical area. For example, for our pre-built Brazilian CPF detector (a National Brazilian Tax Number) our detector is trained on context in English and in Portuguese (examples include phrases like “pessoas singulares registro número”).

For custom detectors (such as regular expressions), Nightfall supports any characters in the UTF-8 character set. For all intents and purposes this should support characters in most languages. The full list is available here http://www.unicode.org/charts/index.html.

For example, let's take the following Hindi text: मेरा नाम पैट्रिक है।

This translates in English to: "My name is Patrick."

If we build a custom detector as a regular expression such as: "पैट्रिक" (which says match on the name “Patrick”), we will be able to detect this in Hindi text.

However, Nightfall has not yet built detection algorithms that attempt to understand this text (beyond what’s stated above), meaning it cannot match through any lexical context or interpretation of the text. In other words, Nightfall has no semantic or lexical understanding on what the underlying characters actually mean unless they are in English or trained per the above.

Because Nightfall has no interpretation of these Hindi characters, the pre-built Person Name detector will not flag on "पैट्रिक" (Patrick).

With the proliferation of cloud SaaS and data infrastructure, sensitive data sprays across more and more third-party services like Slack, GitHub, and AWS at an alarming rate. It’s a major challenge to see what data is in these silos and is being transmitted across them in real-time. Moreover, data is increasingly complex & unstructured and is created at an unprecedented rate, making it impossible to consistently tag and keep track of. All of this data can be subject to security risks, in the form of data filtration or leakage outside your organization, resulting in a breach. Likewise, you may be subject to compliance regimes that dictate your use & protection of customer data, such as HIPAA, GDPR, CCPA, and PCI-DSS.

Nightfall is a data loss prevention platform that alleviates these burdens by automatically discovering & classifying sensitive data, giving you visibility into your cloud apps, and giving you the ability to respond & remediate instances of data sharing or data loss that represent security or compliance risks to your business. With these controls in place, you’ll have greater visibility into how sensitive data is stored, managed, shared, processed, and protected within your organization, and reduce the likelihood that this data is compromised by malicious or inadvertent activity.

Nightfall uses machine learning to classify data. Our deep learning-based classifiers are trained on massive volumes of data to yield high accuracy. Unlike traditional methods, Nightfall considers the context surrounding a given token in order to accurately classify it. This means Nightfall performs well on unstructured and ambiguous data, which is increasingly common in enterprises today. Nightfall parses and scans 100+ file types, including images, screenshots, compressed folders, PDFs, etc. Our classifications are fed into the Nightfall platform so you can review & remediate the findings, or leverage them in your own way via our Firewall for AI.

Nightfall is the industry’s first cloud-native data loss prevention platform that discovers, classifies, and protects data via machine learning. In contrast, a CASB (cloud access security broker) is typically a network-based solution that sits between cloud service users and cloud applications to monitor activity and enforce security policies. Data loss prevention identifies and protects sensitive content from loss, such as inappropriate use, sharing, exfiltration, or misuse.

CASBs may have limited data classification and protection capabilities via API, although they aren’t designed for this purpose. As with any monolithic vendor that tackles a wide breadth of problems, a CASB doesn’t achieve the same level of depth in functionality, accuracy in detection, or granularity in remediation as a best-of-breed DLP solution.

Nightfall is designed to inspect content, so we cover a much broader set of (over 100+) file types, including unstructured data, and detect a broader set of (over 100+) detectors. Likewise, accuracy is substantially improved via machine learning. In summary, Nightfall may work well with a CASB if you already have one, or as a replacement for companies focused on high-fidelity data protection in the cloud.

Nightfall classifies over 100+ types of sensitive data, including forms of personally identifiable data (PII), protected health information (PHI), payment card information (PCI), credentials & secrets, and more. For example, email addresses, credit card numbers, social security numbers, API keys, passwords, and many more. These data types support compliance regimes like HIPAA, GDPR, HIPAA, PCI-DSS. Likewise, Nightfall’s detectors apply to a broad variety of industries and geographies (countries in US, EMEA, APAC, etc.).

Nightfall also supports custom detectors, as well as features such as context rules & exclusion rules that enable you to further tune detectors to your specific business needs and increase accuracy. Contact us at sales@nightfall.ai to determine if Nightfall supports detectors that meet your needs.

Traditional data loss prevention (DLP) platforms focus primarily on securing data on endpoints (devices like laptops, phones, servers) or networks. As such, they don’t provide visibility into cloud applications and cloud data infrastructure that enterprises are rapidly moving towards. Nightfall is the industry’s first cloud-native DLP platform focused on detecting & protecting data in the cloud by integrating directly with these services via their APIs.

Legacy DLP solutions are also limited in what they can recognize because they rely on traditional detection methods, such as regex rules and digital signatures/fingerprints. These have severe limitations in accuracy, usually resulting in a high volume of false positives, and significant alert fatigue for end-users. This means negative ROI and limited value.

In contrast, Nightfall leverages machine learning to scan data and its surrounding context, meaning Nightfall can scan both structured & unstructured data with high accuracy. Because of this higher accuracy, customers often have Nightfall automate the response to data leakage events, yielding measurable time savings. Security, compliance, and engineering teams can focus on other problems, versus triaging alerts, getting hours back in their day. What was once negative ROI with traditional DLP is now positive ROI with Nightfall.

The best way to evaluate Nightfall is via a free trial. Contact us at sales@nightfall.ai to get started.

Yes, Nightfall scans unstructured data and parses text from 100+ file types. For example, this could be data like customer chat logs, JSON objects, application logs, spreadsheets, PDFs, images, screenshots, etc. Read more about the risks imposed by unstructured data on our blog here.

Nightfall integrates with a variety of cloud services. Because Nightfall is the industry’s first cloud-native DLP solution, it’s simple and seamless to deploy, with no agent installation required or any endpoint/network changes.

Nightfall typically integrates as a third-party app into SaaS applications like Slack via OAuth 2.0. For example, imagine you were logging into Spotify or OpenTable via your Facebook account. This same authentication protocol is what Nightfall uses to integrate into apps like Slack or GitHub. This means that integrating a service like Slack with Nightfall takes just a few clicks by an administrator.

Nightfall is an approved app in SaaS vendors’ “marketplace” ecosystems, for example the Slack Marketplace and GitHub Marketplace. Get up and running quickly with our easy to navigate dashboards and comprehensive documentation.

For more information on how to get started with Nightfall, please email sales@nightfall.ai.

Integrate with your cloud services in minutes to begin using Nightfall’s machine learning and AI-based detectors to monitor PII and sensitive data immediately. Nightfall’s user-friendly dashboard and comprehensive documentation make it easy to deploy quickly. You can typically integrate Nightfall in a few clicks depending on the service.

Read more about how other companies have used Nightfall to secure their infrastructure .

No, Nightfall doesn’t require data to be pre-tagged. Nightfall uses machine learning to detect 100+ types of sensitive data out of the box, without prior tuning or tagging required. This includes forms of PII, PHI, PCI, and other sensitive content – for example, emails, social security numbers, etc. Our detectors leverage context surrounding a specific token to properly identify and classify it, which dramatically improves accuracy over traditional rules-based approaches to DLP.

E-discovery and data loss prevention (DLP) are different, albeit conceptually similar. Nightfall is a cloud-native DLP platform.

E-discovery typically pulls messages and files from a platform to store the information in third-party data warehouses, where messages and files can be searched, archived, or retrieved. This serves legal and compliance use cases should the data need to be retrieved or searched for a legal hold.

DLP ensures sensitive data, such as personally identifiable information (PII), isn’t shared inappropriately by scanning for content within messages and files that break selected policies. This serves security and compliance use cases around discovering, classifying, and protecting sensitive data.

Estimating the amount of data that Nightfall will scan in your organization is an essential step in planning for the usage of historical scans.

The data requirements vary based on the integration. Refer to the respective integration below to understand the potential data volume required to scan via historical scans:

As a best practice, service accounts are recommended for authentication because they will not be tied to any specific user, and will persist regardless of which users may leave/join your organization.

Also, as a security measure, it may be beneficial to provide the access privileges required to a service account, rather than having to manage permissions given to specific users. That being said, the requirements for service accounts differ by integration, as outlined below.

For any other questions/comments regarding service accounts, please contact us at support@nightfall.ai.

Please find the permissions required for each integration, in the table below: Native Integrations:

Alert Platforms:

For more information on which integrations/platforms would require/recommend a service account, please refer the page below:

Nightfall’s apps are not part of the Cloud Fortified Apps Program with the main reason being support for the bug bounty program. However, we are in compliance with Atlassian security requirements and apps are regularly updated to any recommendations from Atlassian. To learn more about Atlassian security requirements, refer to this document.